-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

            ESB-2005.0757 -- Debian Security Advisory DSA 823-1
             New util-linux packages fix privilege escalation
                             30 September 2005

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           util-linux
                   mount
Publisher:         Debian
Operating System:  Debian GNU/Linux 3.1
                   Linux variants
Impact:            Inappropriate Access
Access:            Existing Account
CVE Names:         CAN-2005-2876

Revision History:  September 30 2005: Added mount to list of affected products
                   September 30 2005: Initial Release

--------------------------BEGIN INCLUDED TEXT--------------------

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
Debian Security Advisory DSA 823-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
September 29th, 2005                    http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : util-linux
Vulnerability  : privilege escalation
Problem type   : local
Debian-specific: no
CVE ID         : CAN-2005-2876
Debian Bug     : 328141 329063

David Watson discovered a bug in mount, as provided by util-linux and
other packages such as loop-aes-utils, that allows local users to
bypass filesystem access restrictions by remounting the filesystem read-only.

For the old stable distribution (woody) this problem has been fixed in
version 2.11n-7woody1.

For the stable distribution (sarge) this problem has been fixed in
version 2.12p-4sarge1.

For the unstable distribution (sid) this problem has been fixed in
version 2.12p-8.

We recommend that you upgrade your loop-aes-utils package.


Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.
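The following is an added example, not part of the Debian advisory or AusCERT's text: a Python checker that reimplements dpkg's version ordering (so it runs without dpkg installed) and reports whether the util-linux and mount packages in a `dpkg -l` listing are at or above the fixed version the advisory names for the suite. The fixed versions come from the advisory; the sample listing is constructed.

```python
# Added example: report whether the installed util-linux and mount packages are at or
# above the versions DSA 823-1 names as fixed, reimplementing dpkg's version ordering.

FIXED_VERSIONS = {"woody": "2.11n-7woody1", "sarge": "2.12p-4sarge1", "sid": "2.12p-8"}
AFFECTED = ("util-linux", "mount")   # binary packages named in the bulletin

def _order(c: str) -> int:
    """Character weight as in dpkg's verrevcmp(): '~' < end-of-string < letters < others."""
    if c == "~":
        return -1
    if c == "" or c.isdigit():
        return 0
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_fragment(a: str, b: str) -> int:
    """Compare alternating non-digit and digit runs of an upstream version or revision."""
    i = j = 0
    while i < len(a) or j < len(b):
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            diff = _order(a[i] if i < len(a) else "") - _order(b[j] if j < len(b) else "")
            if diff:
                return diff
            i, j = i + 1, j + 1
        na = nb = ""
        while i < len(a) and a[i].isdigit():
            na, i = na + a[i], i + 1
        while j < len(b) and b[j].isdigit():
            nb, j = nb + b[j], j + 1
        if int(na or 0) != int(nb or 0):      # digit runs compare numerically
            return int(na or 0) - int(nb or 0)
    return 0

def compare_versions(a: str, b: str) -> int:
    """Negative if a < b, 0 if equal, positive if a > b (like dpkg --compare-versions)."""
    def split(v: str):
        epoch, sep, rest = v.partition(":")        # epoch precedes the first ':'
        if not sep:
            epoch, rest = "0", v
        upstream, sep, revision = rest.rpartition("-")   # revision follows the last '-'
        if not sep:
            upstream, revision = rest, ""
        return int(epoch), upstream, revision
    (ea, ua, ra), (eb, ub, rb) = split(a), split(b)
    return (ea - eb) or _cmp_fragment(ua, ub) or _cmp_fragment(ra, rb)

def check_dpkg_listing(listing: str, suite: str) -> dict:
    """Map each installed affected package in 'dpkg -l' output to True if it is fixed."""
    status = {}
    for line in listing.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[0] == "ii" and parts[1] in AFFECTED:
            status[parts[1]] = compare_versions(parts[2], FIXED_VERSIONS[suite]) >= 0
    return status

# Constructed sample of 'dpkg -l' output from a sarge host on which mount was not upgraded.
SAMPLE_DPKG_L = """\
ii  mount       2.12p-4        Tools for mounting and manipulating filesystems
ii  util-linux  2.12p-4sarge1  Miscellaneous system utilities
"""
```

Feed it the real `dpkg -l util-linux mount` output and the host's suite; any False entry is a package still below the advisory's fixed version.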


Debian GNU/Linux 3.0 alias woody
--------------------------------


Debian GNU/Linux 3.1 alias sarge
--------------------------------



  These files will probably be moved into the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
-----END PGP SIGNATURE-----

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----